Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
api connect vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2019-4600
IBM API Connect version V5.0.0.0 up to and including 5.0.8.7 could reveal sensitive information to an attacker using a specially crafted HTTP request. IBM X-Force ID: 167883.
Ibm Api Connect
6.8
CVSSv2
CVE-2018-1774
IBM API Connect 5.0.0.0, 5.0.8.4, 2018.1 and 2018.3.6 is vulnerable to CSV injection via the developer portal and analytics that could contain malicious commands that would be executed once opened by an administrator. IBM X-Force ID: 148692.
Ibm Api Connect
9.3
CVSSv2
CVE-2018-1778
IBM LoopBack (IBM API Connect 2018.1, 2018.4.1, 5.0.8.0, and 5.0.8.4) could allow an malicious user to bypass authentication if the AccessToken Model is exposed over a REST API, it is then possible for anyone to create an AccessToken for any User provided they know the userId and...
Ibm Api Connect
5
CVSSv2
CVE-2018-1779
IBM API Connect 2018.1 up to and including 2018.3.7 could allow an unauthenticated malicious user to cause a denial of service due to not setting limits on JSON payload size. IBM X-Force ID: 148802.
Ibm Api Connect
7.5
CVSSv2
CVE-2018-1784
IBM API Connect 5.0.0.0 and 5.0.8.4 is affected by a NoSQL Injection in MongoDB connector for the LoopBack framework. IBM X-Force ID: 148807.
Ibm Api Connect
6.5
CVSSv2
CVE-2018-1789
IBM API Connect v2018.1.0 through v2018.3.4 could allow an malicious user to send a specially crafted request to conduct a server side request forgery attack. IBM X-Force ID: 148939.
Ibm Api Connect
2.1
CVSSv2
CVE-2019-4444
IBM API Connect 2018.1 up to and including 2018.4.1.7 Developer Portal's user registration page does not disable password autocomplete. An attacker with access to the browser instance and local system credentials can steal the credentials used for registration. IBM X-Force I...
Ibm Api Connect
4.3
CVSSv2
CVE-2020-4337
IBM API Connect 2018.4.1.0 up to and including 2018.4.1.12 could allow an malicious user to launch phishing attacks by tricking the server to generate user registration emails that contain malicious URLs. IBM X-Force ID: 177933.
Ibm Api Connect
5
CVSSv2
CVE-2020-4452
IBM API Connect V2018.4.1.0 up to and including 2018.4.1.11 uses weaker than expected cryptographic algorithms that could allow an malicious user to decrypt highly sensitive information. IBM X-Force ID: 181324.
Ibm Api Connect
4
CVSSv2
CVE-2018-1389
IBM API Connect 5.0.0.0 up to and including 5.0.8.2 is impacted by generated LoopBack APIs for a Model using the BelongsTo/HasMany relationship allowing unauthorized modification of information. IBM X-Force ID: 138213.
Ibm Api Connect
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »